Isabelle/Isar is a generic framework for human-readable formal proof documents, based on higher-order natural deduction. The Isar proof language provides general principles that may be instantiated to particular object-logics and applications. We discuss specific Isar language elements that support complex induction patterns of practical importance. Despite the additional bookkeeping required f...

Matching logic has been recently proposed as an alternative program verification approach. Unlike Hoare logic, where one defines a language-specific proof system that needs to be proved sound for each language separately, matching logic provides a language-independent and sound proof system that directly uses the trusted operational semantics of the language as axioms. Matching logic thus has a...

Writing dependently typed functional programs that capture non-trivial program properties, such as those involving membership, ordering and non-linear arithmetic, is difficult in current system due to lack of proof automation. We identify and discuss proof patterns that occur when programming with dependent types and detail how the automation of such patterns allow us to work more comfortably w...

Elf is a general meta-language for the specification and implementation of logical systems in the style of the logical framework LF. Proof search in this framework is based on the operational semantics of logic programming. In this paper, we discuss experiments with a prototype for memoization-based proof search for Elf programs. We compare the performance of memoization-based proof search, dep...

In this paper we define a sequent calculus to formally specify and verify security protocols. In our sequents we distinguish between the current knowledge of principals and the current global state of the session. Hereby, we can describe the operational semantics of principals and of an intruder in a simple and modular way. Furthermore, using proof theoretic tools like the analysis of permutabi...

We present a prototype of a computer algebra system that is built on top of a proof assistant, HOL Light. This architecture guarantees that one can be certain that the system will make no mistakes. All expressions in the system will have precise semantics, and the proof assistant will check the correctness of all simplifications according to this semantics. The system actually proves each simpl...

This paper introduces simulatable verifiable random functions (sVRF). VRFs are similar to pseudorandom functions, except that they are also verifiable: corresponding to each seed SK, there is a public key PK, and for y = FPK(x), it is possible to prove that y is indeed the value of the function seeded by SK. A simulatable VRF is a VRF for which this proof can be simulated, so a simulator can pr...

This note provides a direct, elementary proof of the fundamental result on monotone likelihood ratio of the total score variable in unidimensional item response theory (IRT). This result is very important for practical measurement in IRT, because it justifies the use of the total score variable to order participants on the latent trait. The proof relies on a basic inequality for elementary symm...

Matching logic reachability has been recently proposed as an alternative program verification approach. Unlike Hoare logic, where one defines a language-specific proof system that needs to be proved sound for each language separately, matching logic reachability provides a language-independent and sound proof system that directly uses the trusted operational semantics of the language as axioms....

Optimistic and nonblocking concurrent algorithms are increasingly finding their way into practical use; an important example is software transactional memory implementations. Such algorithms are notoriously difficult to design and verify as correct, and we believe complete, formal, and machine-checked correctness proofs for such algorithms are critical. We have been studying the use of automate...